HACKING AND INFORMATION SECURITY

INTRODUCTION TO HACKING & HACKERS

Slides made by : KARAN PATEL

HACKING
Hacking is act of getting unauthorized access,

breaking security measures, data theft , getting super user privileges, manipulating machines materials humans, revealing untold truths. Hacking is considered as anti-social activity. Hacking is not crime ( except to some cases ).

Slides made by : KARAN PATEL

Hacking Good or Bad??????

Hacking used for many purposes that

sometimes may be for peoples or governments welfare i.e., for Defensive Activities and some time in Destructive Act i.e., Offensive manner. Hacking for a cause approach:
Hacking activities done for human welfare or in

some legitimate reasons is comes under this category.

Slides made by : KARAN PATEL

Who the Hackers really are?????

Hackers are the individual personnel or some

well-organized group of people decides some strategies for achieving some legitimate or illegitimate goals. Hackers are highly skilled fellows with good knowledge on computer systems & real life specialists on tackling any undesired situations.
Slides made by : KARAN PATEL

Hacktivism
Refers to the idea of Hacking with or for a cause Comprises of Hackers with a social or political agenda Aims at sending a message through their hacking activity

and gaining visibility for their cause and themselves. Common targets includes government agencies, MNCs, or any other entity perceived as bad or wrong by these groups or individuals. Slides made by : KARAN PATEL

Levels of Hackers:
Script kiddies : These are the wannabe hackers, who dont know anything

about hacking and background procedures they just apply codes made by hackers without prior knowledge of the results. Intermediate Hackers: These are the Hackers who knows everything about hacking but cant make codes & tools. Elite Hackers : These are the highly know ledged entities who plays with computer machines, human minds & laws. Slides made by : KARAN PATEL

Types of Hackers:
Black Hats : Individuals with extraordinary computing skills , resorting to malicious or

destructive activities. Also known as crackers White Hats : Individuals professing hacker skills and using them for defensive purposes. Also known as security analysts. Gray hats : Individuals who work both offensively and defensively at various times. Suicide hackers : Individuals who aim to bring down critical infrastructure for a cause and do not worry about facing 30yrs in jail for their actions. Slides made by : KARAN PATEL

What does a Malicious Hacker Do?

Slides made by : KARAN PATEL

6 great hackers of all time

WHITE HAT :
LINUS TORVALDS TIM BERNERS LEE STEPHEN WOZNIAK

BLACK HAT :
KEVIN MITNICK

ROBERT TAPPAN MORRIS

JONATHAN JAMES
Slides made by : KARAN PATEL

HACKING AND INFORMATION SECURITY

FAMILIARIZATION WITH HACKING & CYBER CRIME JARGONS OR LINGOS

Slides made by : KARAN PATEL

Terminologies:
Threat : An action or event that might compromise security. A threat

is a potential violation of security. Vulnerability : Existence of a weakness, design, or implementation error that can lead to an unexpected and undesirable event compromising the security of the system. Target of Evaluation (TOE): An IT system, program, or component that is the identified/ subject of a security analysis for evaluation or attack.
Slides made by : KARAN PATEL

Terminologies:
Attack : An assault on the system

security that is derived from an intelligent threat. An attack is any action that violates security. Exploit : A defined way to breach the security of an IT system through vulnerability.

Slides made by : KARAN PATEL

Terminologies:
Security : A state of well-being

of information and infrastructure in which the possibility of successful yet undetected theft, tampering, and disruption of information and services is kept low or tolerable.
Slides made by : KARAN PATEL

Terminologies:
Malware : A computer program

designed to have undesirable or harmful effects. Phishing : The process of tricking user to disclose user name and password by sending fake emails or setting up fake website which mimics sign-in pages is called phishing.
Slides made by : KARAN PATEL

Terminologies:
Rootkits : Rootkits are kernel

programs that have the ability to hide themselves and cover up traces of activities. Spam : Unwanted or junk email. Spyware : Spyware is a program that records computer activities on a machine.
Slides made by : KARAN PATEL

Terminologies:
Trojans : Trojan is a small

program that runs hidden on an infected computer. With the help of a Trojan, an attacker gets access to stored passwords in the Trojaned computer and would be able to read personal documents, delete files and display pictures, and/or show messages on the screen.
Slides made by : KARAN PATEL

Terminologies:
Viruses and Worms: Viruses and worms can be used to infect a

system and modify a system to allow a hacker to gain access. Many viruses and worms carry Trojans and backdoors. In this way, a virus or worm is a carrier and allows malicious code such as Trojans and backdoors to be transferred from system to system much in the way that contact between people allows germs to spread.
Slides made by : KARAN PATEL

HACKING AND INFORMATION SECURITY

SECURITY ESSENTIALS

Slides made by : KARAN PATEL

Why security is require?

To save what you have. To save common human welfare ventures. To sustain in era of competition. To live happy & ever growing life.

Slides made by : KARAN PATEL

Security Bases:
Security rests on confidentiality, authenticity, Integrity, and availability Confidentiality is the concealment of information
or resources.

Authenticity is the identification and assurance

of the origin of information. Integrity refers to the trustworthiness of data or resources in terms of preventing improper and unauthorized changes. Availability refers to the ability to use the information or resource desired.
Slides made by : KARAN PATEL

Deployment of security:
Risk Assessment : One must know the level of risk that an attack possesses towards company for deploying suitable security measures. Risk categories include: Confidential information Business credibility Business availability Resources Money
Slides made by : KARAN PATEL

Security,Functionality & Ease of Use

Slides made by : KARAN PATEL

HACKING AND INFORMATION SECURITY

HACKERS SIDE

Slides made by : KARAN PATEL

What Does a Malicious Hacker Do?

Reconnaissance
Active / passive

Scanning Gaining access

Operating system level / application level Network level Denial of service

Maintaining

Maintaining access
Uploading / altering / downloading programs or data

Covering tracks
Slides made by : KARAN PATEL

Reconnaissance
Reconnaissance refers to the preparatory

phase where an attacker seeks to gather as much information as possible about a target of evaluation prior to launching an attack.

Slides made by : KARAN PATEL

Scanning
Scanning refers to pre-attack phase when the

hacker scans the network with specific Information gathered during reconnaissance.

Slides made by : KARAN PATEL

Gaining Access:
Gaining Access refers to the true attack

phase. The hacker exploits the system.

Slides made by : KARAN PATEL

Maintaining Access:
Maintaining Access refers to the phase when

the hacker tries to retain his ownership of the system.

Slides made by : KARAN PATEL

Covering tracks:
Covering Tracks refers to the activities

undertaken by the hacker to extend his misuse of the system without being detected.

Slides made by : KARAN PATEL